Share this story

The US Department of Justice has filed lawsuits (PDF and PDF) against two small telecommunications providers that have allegedly connected hundreds of millions of fraudulent robocalls from Indian call centers to US residents. The feds want a New York federal judge to cut off the companies' access to the US telephone network. The government says a judge has already issued a restraining order against one of the defendants.

Fraudulent robocalls are a serious problem in the United States—and the Justice Department says two US companies contributed significantly to the problem. Over a 23-day period in May and June of last year, for example, defendant TollFreeDeals connected 720 million calls to US numbers. According to the Justice Department, 425 million of the calls lasted for one second or less—suggesting that many were unwanted.

The feds say that during those two months, TollFreeDeals connected 182 million calls from a single India-based call center. Of these calls, more than 90 percent appeared to come from one of 1,000 source numbers. And of those numbers, more than 80 percent have been associated with fraudulent robocalls.

Foreigners seeking to scam American consumers need access to the US telephone network. The two US companies sued by the Justice Department served as VOIP-based gateways between foreign call centers and the US telephone network. They were tiny operations; according to the government, each company did business from the home of its owner.

The companies' overseas clients engaged in a number of scams that might sound familiar to anyone who owns a phone in the US. In one popular scam, fraudsters pretend to work for the Social Security Administration and inform victims that their Social Security number has been "suspended." Other scam callers impersonated the IRS, Microsoft, or other large American organizations. In all cases, the suggested remedy was the same: send the scammers money to help clear up the problem.

In one case, the feds say, a man was told that officials were about to seize the contents of his bank account. The caller claimed to be from the US Marshals Service and told the man to wire his savings—$9,800—to the scammer for safekeeping. The man did so. By the time he realized he'd been scammed, his bank said the money was gone.

The feds don't allege that US telecom providers directly executed these frauds. However, they say, the providers turned a blind eye to rampant criminal activity occurring on their networks. Over a period of years, the companies received numerous warnings from other telecom providers that their services were being used for fraud. Federal officials say they did as little as they could to stop the activity while the scammers continued to operate.

The lawsuit is just the latest front in the federal government's ongoing war against robocalls and other fraudulent use of the telephone system. With some prodding by the FCC, telephone providers have been implementing a system called SHAKEN/STIR to authenticate caller information. Congress also recently passed legislation mandating the use of the SHAKEN/STIR technology—albeit with a rather lenient deadline of 18 months.

"The Department of Justice will pursue to the fullest extent of the law individuals in the United States who knowingly facilitate imposter fraud calls, using both criminal and civil tools where appropriate," Assistant Attorney General Jody Hunt said in a statement.

143 Reader Comments

The US Department of Justice has filed lawsuits (PDF and PDF) against two small telecommunications providers that have allegedly connected hundreds of millions of fraudulent robocalls from Indian call centers to US residents.

The US Department of Justice has filed lawsuits (PDF and PDF) against two small telecommunications providers that have allegedly connected hundreds of millions of fraudulent robocalls from Indian call centers to US residents.

The US Department of Justice has filed lawsuits (PDF and PDF) against two small telecommunications providers that have allegedly connected hundreds of millions of fraudulent robocalls from Indian call centers to US residents.

Why none of the big names?

Its a multi-step process.

First the crooks needed to be connected into the USA phone network.Then they need to be connected to the people they are trying to scam, using a fake American phone number.

Apparently these two VoIP providers are providing the entryway to the USA phone network and the fake American phone numbers.

The US Department of Justice has filed lawsuits (PDF and PDF) against two small telecommunications providers that have allegedly connected hundreds of millions of fraudulent robocalls from Indian call centers to US residents.

Why none of the big names?

We can hope that this is a warning shot over their bows. (We can also wish for a pony.)

Alternatively, by starting with the small companies, the feds may hope to establish a precedent to use on the larger ones that have deeper pockets for legal fees.

The US Department of Justice has filed lawsuits (PDF and PDF) against two small telecommunications providers that have allegedly connected hundreds of millions of fraudulent robocalls from Indian call centers to US residents.

Why none of the big names?

Because the big names weren't doing what these companies are accused of doing: directly and knowingly connecting foreign scammers to the US telephone network. You can argue about whether the big guys are doing enough to fight these scammers but I've seen no allegations that they're deliberately trying to profit from them.

That's an understatement. I utterly dread days that I actually am expecting a call from someone, because I have to have my ringer on. Even with a cell number I've had for nearly two decades, and "neighbor scam" blocking, I still get, in no particular order:

- Warnings that there is a "warrant for the arrest of my social security number."- Alarmed, concerned, final calls about my vehicle's factory extended warranty expiring - I've gotten the same "final call before we remove you from our files!" call dozens of times. Remove me already!- Helpful humans, typically, exceedingly interested in helping me get my "free Medicare brace."- Great concern that I'm overpaying for the prescriptions I don't have.- There's no problem with my credit rating, but I qualify for consolidation. Can't get details once I tell them I don't run a balance on my cards.- "Microsoft" calling about the virus on my Windows. They're getting better at filtering for Chromebooks and such, to their credit.

I'm sure I'm forgetting others, and these are just the ones that stick out as ones I'm tired of getting.

Oh, and AT&T helpfully offers spam blocking apps... but, gosh, I'm just too cheap to get access to that. It's a service offered for their postpaid plans only, so my cheap $30/mo prepaid plan (I don't use much data when I'm out) just has to suffer through unwelcome calls.

At this point, I'm just as likely to leave my phone behind as to take it with me. It's of remarkably little value as a "phone" these days.

Once through the robo-call screen to a human the best defence is not to get angry nor just hang up (passing the buck) but to attack their will to do the job: "I hope you are honouring your mother with the work you are doing." They always hang up on me.

Tim is correct (as usual) that SHAKEN/STIR is not used to block calls... but it's not actually used [or will be in 18 months] to "authenticate calls." It merely provides a "confidence level" in an "attestation" that the company providing the call to the carrier has the right to use that number.

If you have multiple carriers, you can still use a different carrier for outbound and inbound, making a number that was either assigned to you or that you "leased" on the Internet perfectly attestable, high confidence, yet entirely not reachable to be called.

This is not a solution, but it may provide the beginning of a framework to provide- authentication of CLID to the source, not just to the "next" carrier- removal of CLIDs that are not reversely routable- database-ify the ownership of NANP CLIDs so that ownership, RPOCs, and management are accountable -- just like WHOIS in the IP space.

This has been going on for YEARS and only in early 2020 do we finally start to see the feds crack down on this? Presumably they've been able to trace the phone calls to these shady companies and figure out what VOIP provider is sourcing most of the robocalls (hint: its not skype or vonage).

I hope justice is swift, if only to prevent other companies from springing up to take their place.

At this point, I'm just as likely to leave my phone behind as to take it with me. It's of remarkably little value as a "phone" these days.

You may be able to do what I did: set your main ringtone to silence and set a special ringtone for every contact you might want to hear from. (This can be the same ringtone, just make sure to set one for all of them.) I don't have many contacts I get calls from regularly, but I was extra careful and added places I don't expect to hear from, but might at some point like the electric company and water company. It works quite well, but isn't possible if you regularly expect calls from unknown numbers.

I never answer the phone from numbers i'm not familiar with. The same includes local numbers.

I kept my longtime phone number when I moved out of state. I just didn't feel like dealing with changing numbers. The bonus of this approach is that now I know that all local calls are real calls. Any unknown caller from my old area code is guaranteed to be a scammer.

The US Department of Justice has filed lawsuits (PDF and PDF) against two small telecommunications providers that have allegedly connected hundreds of millions of fraudulent robocalls from Indian call centers to US residents.

Why none of the big names?

Because the big names weren't doing what these companies are accused of doing: directly and knowingly connecting foreign scammers to the US telephone network. You can argue about whether the big guys are doing enough to fight these scammers but I've seen no allegations that they're deliberately trying to profit from them.

Also you start with the entities causing the most traffic first and also the ration of legitimate to spam calls was probably low?. As that clears up you move on to the next. If the big players are involved directly or indirectly it will be noticed eventually.

The US Department of Justice has filed lawsuits (PDF and PDF) against two small telecommunications providers that have allegedly connected hundreds of millions of fraudulent robocalls from Indian call centers to US residents.

Why none of the big names?

My best guess? The big names figured out that whatever was going on was shady pretty quickly, realized it would eventually blow up in their faces, and refused the business because they didn't want to be the 'deep pockets' in whatever fine/settlement eventually resulted from it.

That's an understatement. I utterly dread days that I actually am expecting a call from someone, because I have to have my ringer on. Even with a cell number I've had for nearly two decades, and "neighbor scam" blocking, I still get, in no particular order:

- Warnings that there is a "warrant for the arrest of my social security number."- Alarmed, concerned, final calls about my vehicle's factory extended warranty expiring - I've gotten the same "final call before we remove you from our files!" call dozens of times. Remove me already!- Helpful humans, typically, exceedingly interested in helping me get my "free Medicare brace."- Great concern that I'm overpaying for the prescriptions I don't have.- There's no problem with my credit rating, but I qualify for consolidation. Can't get details once I tell them I don't run a balance on my cards.- "Microsoft" calling about the virus on my Windows. They're getting better at filtering for Chromebooks and such, to their credit.

I'm sure I'm forgetting others, and these are just the ones that stick out as ones I'm tired of getting.

Oh, and AT&T helpfully offers spam blocking apps... but, gosh, I'm just too cheap to get access to that. It's a service offered for their postpaid plans only, so my cheap $30/mo prepaid plan (I don't use much data when I'm out) just has to suffer through unwelcome calls.

At this point, I'm just as likely to leave my phone behind as to take it with me. It's of remarkably little value as a "phone" these days.

I'm in the same waters, if not the same boat. My "personal phone number" is the business number I kept after I retired (because I still like to help old clients, though I'm down to ONE now).

I was getting up to 50 calls/day.

I removed voicemail entirely from my account. And I white-listed all the people who can call and have my phone ring (my default ringtone is "Silence", which I recorded myself with an unplugged microphone/input). I look up numbers I don't recognize, and blacklist whole area codes (because no one I know, or want to talk to, lives there).

It's fucking ridiculous the lengths to which people have to go to keep from being pestered by fucktards and robots, but this is the reality of living in the 21st century with a government that has ZERO SHITS TO GIVE about doing anything about the problem.

/rant

It'd be nice if I could use my phone today like I did in the 1970's - with an answering machine (or voicemail as it's known today). But slogging through hundreds of robots and bullshit isn't the kind of thing I want to do with the little remaining time I figure I have to live (based on my age an average life expectancy). So I spare myself that agony and ignore anyone I don't recognize or have a "relationship" of some kind with (be it business or personal). I often wonder what I'm missing, but in the few times I tried to find out, I realized the answer was "nothing".

And, to me, that's the issue. The 21st century was supposed to have robots, but not on the fucking telephone.

I never answer the phone from numbers i'm not familiar with. The same includes local numbers.

I kept my longtime phone number when I moved out of state. I just didn't feel like dealing with changing numbers. The bonus of this approach is that now I know that all local calls are real calls. Any unknown caller from my old area code is guaranteed to be a scammer.

Same here! Another bonus is that many scam calls spoof not just your area code but also your exchange, so you can automatically reject any call that matches the first 6 digits of your own number.

I never answer the phone from numbers i'm not familiar with. The same includes local numbers.

I kept my longtime phone number when I moved out of state. I just didn't feel like dealing with changing numbers. The bonus of this approach is that now I know that all local calls are real calls. Any unknown caller from my old area code is guaranteed to be a scammer.

Same here! Another bonus is that many scam calls spoof not just your area code but also your exchange, so you can automatically reject any call that matches the first 6 digits of your own number.

I also need to blacklist my own number. Amusing when a robocall/scammer spoofs it right back at me.

Interesting that for home landline use (even AT&T VOIP) NoMoRobo is free. They do charge you if you're a business or want it on a cell number. They're pretty good at blocking, but the phone usually still rings once.

"Foreigners seeking to scam American consumers need access to the US telephone network."

More fundamental than that, they need access to a coherent payment system to transfer funds from the target to the scammer.

This is something I've never once seen adequately explained: Why aren't the payment processors involved with these scams tracked down and eliminated? Obviously many/most are overseas, but sooner or later Mastercard, Visa, and Discover will be involved and yet they don't do a goddamned thing to shut these operations down.

If the credit card providers who supply service to the scammers (anywhere in the payment chain) aren't being held responsible then they should be sued out of business or shut down.

Fuck going after the telecoms - they are absolutely useless in fighting this. Always have been and always will be. But the payment services are a different barrel of fish and operate under tighter regulations. If anyone is going to write laws about stopping scammers (including email spammers), FOLLOW THE GODDAMN MONEY and start hitting these companies where it hurts.

I often wonder why the larger networks don’t apply pressure to stop this, it’s made my landline useless - ALL calls are spam - and it’s seriously degraded the value of my cell plan so that the “phone” option could arguably be dispensed with. Those are both paid elements of my household comms bill. I’m just going to turn them off and stop paying.

I kept my longtime phone number when I moved out of state. I just didn't feel like dealing with changing numbers. The bonus of this approach is that now I know that all local calls are real calls. Any unknown caller from my old area code is guaranteed to be a scammer.

I also kept my old number when I moved to a new location, but now I get unknown callers from both area codes. If you aren’t in my contacts, I don’t answer.

I can't cite the relevant regulation (Telecommunications Act of 1996, probably?), but I'm pretty sure US law requires the big telcos to interconnect with "competitors", which is defined really broadly.

"Foreigners seeking to scam American consumers need access to the US telephone network."

More fundamental than that, they need access to a coherent payment system to transfer funds from the target to the scammer.

This is something I've never once seen adequately explained: Why aren't the payment processors involved with these scams tracked down and eliminated? Obviously many/most are overseas, but sooner or later Mastercard, Visa, and Discover will be involved and yet they don't do a goddamned thing to shut these operations down.

If the credit card providers who supply service to the scammers (anywhere in the payment chain) aren't being held responsible then they should be sued out of business or shut down.

Fuck going after the telecoms - they are absolutely useless in fighting this. Always have been and always will be. But the payment services are a different barrel of fish and operate under tighter regulations. If anyone is going to write laws about stopping scammers (including email spammers), FOLLOW THE GODDAMN MONEY and start hitting these companies where it hurts.

Erm... because in general most phone scammers don't do that.Scammers don't sign up with a payment processor and then charge their victims' credit cards.That path is mostly closed.

There are however many other ways to profit.E.g. a scammer may simply sell the credit card information (as little as $10 per card) to others who specialize in credit card fraud.Those may use the credit card information to purchase physical goods from innocent merchants and then sell those goods for profit.

It's fucking ridiculous the lengths to which people have to go to keep from being pestered by fucktards and robots, but this is the reality of living in the 21st century with a government that has ZERO SHITS TO GIVE about doing anything about the problem.

First, you have to blame Big Business. They are the reason this mess exists. They insisted on allowing spoofed numbers so that when Bob in Accounting calls you, it reports the number as the main switchboard. AT&T did not want to allow this as it was more work for them. Wait, more work? We can charge boatloads extra for that feature.

A bit of classic Popehat on this topic hinting at the sorts of odds they'll face in court. 10 years old but still amusing as teeth knash following the 16th "Your Google Listing Is Out Of Date" of the day: "The Most Universally Despised Defendants". The start:

Ken White wrote:

I've prosecuted, and represented, violent criminals, drug dealers, and sex offenders. What class of clients has been the most universally reviled?

It's telemarketers. Hands down.

The Federal Trade Commission's legal team, to be blunt, is not the varsity. But in pursuing telemarketers they are merciless and relentless and constantly radiating contempt for the telemarketing defendants they sue. It doesn't matter that their legal work is substandard — particularly for federal court — because federal judges tend to give them a pass. I've never seen federal judges express such open contempt for a client, and so transparently disregard a client's procedural rights and cut slack to the other side, as I have in representing telemarketers. Moreover, even though I've represented sex offenders and gang members who have shaved their eyebrows and tattooed "FUCK YOU" over their eyes, I've never felt as despised as a lawyer as I have when I represent telemarketers.

I suspect it's probably because they're such scumbags.

As with email, a lot of the trouble comes down to the age of the protocols meaning there is little to on real authentication. Perhaps we'll see some progress on that eventually, but in the mean time I suspect legal efforts are a bit of case of sticking fingers in a leaking dam. Still satisfying that the hammer does once in a while come down.

And who wants to bet the 'penalties' for having aided robocallers will be a fraction of the profits generated from it, ie 'the cost of doing business' that does nothing to actually discourage telecomms from aiding robocallers.

Fuck going after the telecoms - they are absolutely useless in fighting this. Always have been and always will be. But the payment services are a different barrel of fish and operate under tighter regulations. If anyone is going to write laws about stopping scammers (including email spammers), FOLLOW THE GODDAMN MONEY and start hitting these companies where it hurts.

Three of the biggest ways they take money from victims are bank transfers (which once completed may not be able to be clawed back, depends on how long), Western Union money transfers (once sent and received, basically gone for good) and gift cards. There's actually signs up at all the self-checkout registers at the Walmarts in the area warning people about buying gift cards to give out over the phone for these scams and I'm pretty sure the cashiers are instructed to give the same warnings. Western Union also has warnings.

The scammers get their victims terrified of losing something important, and instruct them to ignore the warnings from the businesses, so they often do. There's not much else those businesses can do to stop this, as the scammers are deliberately using methods that can't be easily taken back.

Simple solution: Long overdue law forcing telecom companies to provide any customer with an option to allow only calls from certified legal entities.This way we can sue the scammer and/or the telephone company.

I'm guessing the NSA watched half a billion 1-second calls pouring into the U.S. from India for three weeks via a single provider and just said "meh, what we really need is to get the goods on Ukraine."

The US Department of Justice has filed lawsuits (PDF and PDF) against two small telecommunications providers that have allegedly connected hundreds of millions of fraudulent robocalls from Indian call centers to US residents.

Why none of the big names?

Because the big names weren't doing what these companies are accused of doing: directly and knowingly connecting foreign scammers to the US telephone network. You can argue about whether the big guys are doing enough to fight these scammers but I've seen no allegations that they're deliberately trying to profit from them.

I hate to disagree, but if you think that the big names can't tell that 85% of calls that they handle come from networks that don't own the number being presented as CLID, you're badly mistaken. If you get voip service from at&t and configure your system to present 8882114727, don't you think at&t's computers know that this is a Sprint owned number? What if you present a different number every 5 minutes?

Quote:

I've seen no allegations that they're deliberately trying to profit from them.

They get paid by the network that they accepted the call from. This means that in the past, at&t billed another carrier for delivering a call from my phone, which was on at&t's network, to my phone. And you say this wasn't deliberate? I beg to differ.

My favorite was a scam call from one "Peter Parker" from the "IRS", about an impending large fine.

Too bad I never gave "Peter Parker" chance to explain his noticeable Indian accent.

There are actual americans of indian descent that do work for the IRS.They are extremely professional & really good to deal with

I did have to call in for my taxes due to a mistake and was on hold for a long timeFinally a guy picks up and gives me his federal id number & states we are on a recorded line.I recognized the Indian accent & hesitated (because I thought i dialed a wrong number by mistake), but he was really courteous & helped me resolve my issue & I was able to file an extension with minimal hassle